Sep 162025 40 npm Packages Compromised in Supply Chain Attack Using bundle.js to Steal Credentials Over 40 npm packages trojanized to steal GitHub and cloud credentials via bundle.js malware
